 PacratOld and CrankyPremium,MVM
join:2001-03-10
Cortland, OH
 ·RoadRunner Cable
1 edit | Trojan.ByteVerify My daughter's computer keeps wanting to dial out on it's own... she has a WinMe dial up connection and AOL. Symmantec told her it was Trojan.ByteVerify... she went through all the steps to remove it suggested by Symmantec, but it seems it's still there, although NAV scans don't indicate such. Anyone got anything else to try???
--
"Nothing is impossible for the man who will not listen to reason." |
|
 redxiiPremium,Mod
join:2001-02-26
Sherwood, MI
 ·Clear Wireless
·Suddenlink
Host:
Broadband Tweaks
Suddenlink
ISDN
Fiber Optic
AOL Broadband
| Try disabling any programs that keep the connection alive, I know Systemworks is one, and any programs that require a constant internet connection.
Look for spyware.
NAV told me I had Trojan.ByteVerify on my computer in one of the CABs from installing Sun Java Virtual Machine. |
|
PacratOld and CrankyPremium,MVM
join:2001-03-10
Cortland, OH Reviews:
·RoadRunner Cable
| She's repeatedly scanned with NAV and Ad-aware... nada showing up. But it's still trying, unsuccessfully to make a connection. Seems it's dialing a bogus phone number. (or at least, an incomplete number, sans area code)
--
"Nothing is impossible for the man who will not listen to reason." |
|
mvduPremium
join:2003-07-28
Collegeville, PA
kudos:1 | reply to Pacrat
I seemed to get that after installing Sun Java. I wonder if they were compromised for a time?
You can try Spybot S&D and online scans like Trend Micro's to see if you got everything.
--
Proud liberal and Bush disliker |
|
 BubbaGIT-R-DONEPremium,MVM
join:2002-08-19
St. Andrews
 ·DIRECTV
·Pickwick Cablevi..
·Comcast
| reply to Pacrat
The below thread has some good info concerning removal....in fact a Security Forum Search for byteverify using All text shows quite a few possibilities for other help.
• Persistent Trojan
--
"I R 1" |
|
 sigPremium
join:2001-05-05
2 edits | reply to Pacrat
You might try Spybot Search and Destroy, freeware like Adaware but sometimes finds and cleans stuff Adaware doesn't: »www.safer-networking.org/
Sounds like you have a dialer program. You should also try a free download trial version of an AntiTrojan application like Trojan Hunter or TDS. Just update the signature databases before an ondemand scan is run. (For TDS you have to go to the vendor's site to get the latest updates.) You can find links to these programs here: »www.wilders.org/anti_trojans.htm
To prevent future infections of this particular ByteVerify type that exploits a specific system vulnerability, MS issued a VM patch last spring that would have prevented this. Check windows update once the PC is cleaned up so this won't be repeated.
ed: here's the direct link to the Bulletin regarding the MS Virtual Machine vulnerability »www.microsoft.com/technet/treevi···-011.asp |
|
|
|
| reply to Pacrat
And, if none of that yields any answers, let us see what is really running on that system. This is a great diagnostic tool as well:
Download *Hijack This!*
»www.merijn.org/files/hijackthis.zip
Unzip, doubleclick HijackThis.exe, and hit "Scan".
When the scan is finished, the "Scan" button will change into a "Save Log" button. Press that and copy & paste its contents here. Most of what it lists will be harmless or even essential, don't fix anything yet. Someone will be along to tell you what steps to take after you post the contents of the scan results.
--
It takes a disaster to make a woman out of a female
Gladiator Security Forum |
|
 FiOS DanPremium
join:2001-07-06
Redondo Beach, CA | reply to redxii
said by redxii:
NAV told me I had Trojan.ByteVerify on my computer in one of the CABs from installing Sun Java Virtual Machine.
Same here from AVG several months ago.
--
"Well, come see a fat old man sometime!" |
|
